To enable user authentication, set the derby.connection.requireAuthentication property
to true. Otherwise, Derby does
not require a user name and password. You can set this property as a system-wide
property or as a database-wide property.
For a multi-user product, you would typically set it for the system in
the derby.properties file for your server, since it is in a trusted
environment.
Note: If you start a Derby system
with user authentication enabled but without defining at least one user, you
will not be able to shut down the system gracefully. When Derby is
running in a connectivity server and user authentication is turned on, stopping
the server requires a user name and password. You will need to alter shutdown
scripts accordingly.
Note:
Additionally, if you create and start
a
Derby system
with user authentication and
SQL authorization
both enabled, or plan to enable them later,
you should make sure you create
the database by connecting as the user that is to become the
database
owner.
If you neglect to supply a user when the database is created, the
database owner will by default become "APP". If you later enable
both authentication and SQL authorization and "APP" is a not valid
user name, you will not be able to perform operations restricted to
the database owner, including shutting down the database (as opposed
to the full system which may currently be shut down by any
authenticated user, see previous note). Nor will you be able to
(re)encrypt the database nor perform a full upgrade of it.